False negative: No EOL sw found, even when scanning outdated mongo or alpine docker image #569
Description
What happened:
I scanned a directory with outdated components and it looks like xeol didn't find any thing. Then I did a litmus check and it was the same
Also on another machine (Kali Linux, binary copied thereto) it didn't work. Also not as root. Same output. Also on my mac when I scanned the directory I got a similar zero output
What you expected to happen:
To find vulnerable components or at least display "parsing image" or the like which I didn't spot in any case.
Manually I identified several spring libs version 3.0.3 and struts 1.2 which should be find.
How to reproduce it (as minimally and precisely as possible):
Do the litmus check.
Anything else we need to know?:
Environment:
- Output of
xeol version: - OS (e.g:
cat /etc/os-releaseor similar):
See above.